track-manager
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized access attempts were identified. The skill instructions focus on standard project management activities.
- [PROMPT_INJECTION]: The skill contains a surface for indirect prompt injection because it reads and processes external specification and plan files.
- Ingestion points: The skill ingests content from 'spec.md' and 'plan.md' files within the conductor directory.
- Boundary markers: No delimiters or isolation instructions are present to prevent the agent from obeying instructions embedded within those files.
- Capability inventory: The skill utilizes file read and write operations on the local project directory.
- Sanitization: The instructions do not specify any validation or filtering of the content read from external files.
Audit Metadata